Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2023-6964 | Server-Side Request Forgery (SSRF) vulnerability in Kadencewp Gutenberg Blocks With AI The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadence_import_get_new_connection_data' AJAX action. | 6.4 |
| 2024-03-28 | CVE-2023-45705 | Server-Side Request Forgery (SSRF) vulnerability in Hcltech Bigfix Platform An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options. | 7.2 |
| 2024-03-18 | CVE-2024-27098 | Server-Side Request Forgery (SSRF) vulnerability in Glpi-Project Glpi GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. | 9.6 |
| 2024-03-14 | CVE-2024-1884 | Server-Side Request Forgery (SSRF) vulnerability in Papercut MF This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. | 6.5 |
| 2024-03-05 | CVE-2024-27561 | Server-Side Request Forgery (SSRF) vulnerability in Wondercms 3.1.3 A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter. | 8.1 |
| 2024-03-05 | CVE-2024-27563 | Server-Side Request Forgery (SSRF) vulnerability in Wondercms 3.1.3 A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter. | 5.3 |
| 2024-03-05 | CVE-2024-27564 | Server-Side Request Forgery (SSRF) vulnerability in Dirk1983 Chatgpt 20230523 A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter. | 6.5 |
| 2024-03-05 | CVE-2024-27565 | Server-Side Request Forgery (SSRF) vulnerability in Dirk1983 Chatgpt-Wechat-Personal 20230329 A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests. | 9.8 |
| 2024-02-28 | CVE-2024-1568 | Server-Side Request Forgery (SSRF) vulnerability in S-Sols Seraphinite Accelerator The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApi_HtmlCheck function. | 6.4 |
| 2024-02-21 | CVE-2024-23654 | Server-Side Request Forgery (SSRF) vulnerability in Discourse AI discourse-ai is the AI plugin for the open-source discussion platform Discourse. | 7.2 |